diff --git a/main.c b/main.c index 7a241a0..23a60c4 100644 --- a/main.c +++ b/main.c @@ -14,15 +14,9 @@ pid_t pid_child; void drop_root(void) { - uid_t uid = getuid(); - // Drop root privileges - if (setresuid(-1,uid,uid) == -1) - { - int err = errno; - printf("Failed to drop root privileges with setresuid (%d)\n", err); - exit(err); - } - + /// Drop root privileges + // First group then user because we might not + // be able to drop group once we dropped user gid_t gid = getgid(); if (setresgid(-1,gid,gid) == -1) { @@ -31,6 +25,14 @@ void drop_root(void) exit(err); } + uid_t uid = getuid(); + if (setresuid(-1,uid,uid) == -1) + { + int err = errno; + printf("Failed to drop root privileges with setresuid (%d)\n", err); + exit(err); + } + // sanity check if (seteuid(0) != -1) {